[vox-tech] Password Security...
Mark Street
vox-tech@lists.lugod.org
Sat, 1 May 2004 09:52:46 -0700
=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Saturday 01 May 2004 09:34 am, William Perdue wrote:
> I've been having some trouble with my security in my server.... I am
> running Red Hat Linux 9 with the Linux SSH Client software.
Have you been keeping up with bug fixes and updates? Do you have users on=
=20
your system? What services do you run?
> Looking through my logs, I found that a hacker got hold of my Root
> password... it was _not_ the default (it was 17 characters) .... the serv=
er
> sits behind my router with a local IP address
How do you know? What and where was the proof?
> My Firewall is set at a high level and The Server config is far from the
> defaults...
>
> My Question: could they have obtained my root password?..
>
> Another thing,,, Is there an easy way I can figure out if they installed
> any software on my server, like a trapdoor that would allow access now th=
at
> I have changed the password?
If they got the root password then the machine and the data it contains can=
not=20
be trusted. Time to rebuild fresh.
=2D --=20
Mark Street, RHCE
http://www.oswizards.com
=2D --
Key fingerprint =3D 3949 39E4 6317 7C3C 023E 2B1F 6FB3 06E7 D109 56C0
GPG key http://www.oswizards.com/pubkey.asc
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAk9Xpb7MG59EJVsARAh2wAKCKuwM59PFx9PYr0j4Dh7m/bHFl0gCgjyhw
ZDvuyNb1PfR8yBRECSOve9Q=3D
=3DTb/o
=2D----END PGP SIGNATURE-----